CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-2047

CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 (aka Max Media Manager, MMM) before 0.3.31-alpha-pr3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the destination parameter. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://forum.openads.org/index.php?showtopic=503413399&pid=39136
http://www.vupen.com/english/advisories/2007/1365
http://forum.openads.org/index.php?showtopic=503413399&pid=39136
http://www.vupen.com/english/advisories/2007/1365

Products affected by CVE-2007-2047

Openads » Openads » Version: 2.3.30

cpe:2.3:a:openads:openads:2.3.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2047

Products

Pricing

Contact Us